Computer forensics works to analyze information on computer systems in an attempt to find evidence regarding certain actions of a process, application, user or computer to determine the source of change within a host, network or device.
Often used within the Information Security field to specifically refer to Digital Forensics. This sub-specialty of forensics science came to being largely in the 1990s as technology began encroaching deeper into society at large. Much like other forensic sciences, the principle goal is to apply the scientific method to the collection and analysis of information stored in digital formats. While primarily used as part of legal investigations, the same tools and methods are frequently engaged as part of an incident response procedure when technical assets are involved.